Don’t Let a Stolen Email Snowball Into Other Accounts

ProtectIQ helps put a wall between you and hackers.

Email accounts are often the pathway that can provide a link to all your other valuable accounts, as well as a record of your communication with friends, families, and colleagues. As central hubs to other online services, hackers may try to obtain your passwords through social engineering scams to jump to other services. If an email account acts as a singular hub for your other services, a single compromise can snowball into the hijack of many accounts and services.

Businesses typically have advanced firewalls, anti-virus software and intrusion detection systems to prevent or detect improper network access. However, vulnerabilities abound in home networks. Protect your email account with a strong password and encrypt your emails where possible. If your password is still somehow leaked or otherwise become known to an attacker, having two-factor authentication enabled may help to dramatically prevent improper access.

One example: A few years ago, the U.S. Federal Trade Commission charged four scammers who hacked accounts by sending millions of emails urging the recipients to try “miracle” weight loss pills. The email had a weight loss story from the sender and a link to fake endorsements from Oprah and other stars. This could happen to you and the colleagues, friends, and family members in your email contacts list. Learn what to do if your email has been hacked so you can stop these scammers quickly.

How to tell if your email has been hacked

You may get an urgent message from a friend or family member who received a suspicious email from you and may ask if you sent the email. Or the hacker may simply send these panic-inducing words: “You’ve been hacked.” But you may be able to spot signs of trouble before you get tipped off by a friend. Here are three indicators that your email account has likely been hacked:

• You can’t log into your email account. When you try to log in, you may get a message that your username or password is incorrect. This could mean the hacker changed your credentials to lock you out of your own account.

• Your sent-messages folder looks odd. Your sent messages folder may hold unexplained messages you didn’t write. Or the folder may be sitting empty when you never deleted your sent messages.

• Strange messages appear on your social media accounts. If your latest Instagram post or tweet is touting some product you’ve never used, a hacker may have gained access to both your email and social media accounts. You email account can act as a gateway into other accounts. The hacker can simply click “forgot password” at login and have a password reset link sent right to your email inbox, which they now control.

Your email also may contain a wealth of information about your bank account, credit cards, and other financial accounts. A hacked email can put you and your email contacts at risk for identity theft and bank account or credit card fraud. If you think your email has been hacked, take quick action to minimize the damage.

Four things to do if your email account has been hacked

Here are four steps you can take right now to try and regain control of your account, banish the hacker, and help protect yourself in the future:

1. Change your credentials.

The first step is to take back control of your account. If the hacker has locked you out, you may have to contact your email service provider for help. You will probably have to provide an array of information to prove your identity and regain control of your email. If you do still have access to your account, make these changes right away:

• Get a new username and choose a strong password. Secure passwords or passphrases should contain at least 12 characters, including numbers, symbols and a mix of capital and lowercase letters. Use a unique password for every account. Password managers offer an easy and secure way to create complex passwords and to keep track of your login credentials.

• Change your security questions. The hacker may have gotten access to your account by guessing the answers to security questions. They could hack your account again if you don’t change these questions and answers. Avoid choosing questions with answers that can easily be guessed or found online. For example, don’t choose “What’s your mother’s middle name?” if your mom routinely uses her first, middle, and last name on social media.

• Turn on two-step verification. Also known as multifactor authentication, this extra security measure typically requires you to enter your username and password along with a temporary passcode to get into an account. For example, the service provider may send the one-time passcode to your phone each time you try to log in. Without your phone in hand, a hacker will be much less likely to gain entry into an account that has two-step verification turned on.

2. Warn your contacts.

Tell the colleagues, friends, and family in your email contact list that your email has been hacked. Warn them to delete any suspicious messages that come from your account. Also tell them not to open applications, click on links, share credit card information, or send money. It can be embarrassing to let your contacts know you’ve been hacked, but the warning may save them from falling for a scam.

3. Look for signs of trouble.

Hackers may make changes to allow them to get into your account again or even to continue to scam people after you’ve taken back control of the account. To prevent this, you should take these steps:

• Check your settings. Hackers who gain access to an email account may change settings to further compromise your security. Check your email signature to make sure it doesn’t contain any unfamiliar links. Look to make sure your emails aren’t being auto-forwarded to someone else. You should also get tips from your email service provider on any other ways you can make your account more secure.

• Scan for trouble. Look for signs of a computer virus on your computer, phone or tablet. These signs may include strange pop-up windows, slowness, problems shutting down or restarting, and unfamiliar applications on your device.

4. Protect yourself for the future.

Finally, you can put a few simple measures in place to make it less likely that your email account gets hacked again. Here’s what to do:

• Get up to date, frequently. Make sure you are running the latest versions of your apps, browser, operating system, and software. The newest versions often contain patches to fix security flaws hackers can exploit. You may also want to delete any apps you don’t use or that aren’t being updated regularly by their developers.

• Add security software. Get security software from a reputable company and install it on all of your devices. If you already have security software, make sure you’ve got the latest version and run it to check for malware, spyware, and viruses.

Now that you know what to do if your email account is hacked, you can put a plan of action in place in case you ever do get the dreaded “you’ve been hacked” message from a friend. That will help you regain your account and your peace of mind more quickly.


Cumberland Connect subscribers can add a secret weapon to their cybersecurity arsenal: ProtectIQ Network Security. With ProtectIQ™, you can have an extra layer of network-level security that helps protect all devices connected to your network. ProtectIQ is a network-level security application, included in the Peace of Mind Package, that works quietly in the background and proactively helps keep malicious websites, viruses, and intrusion away from your home 24/7/365. Learn more about ProtectIQ and the other great benefits of enrolling in the Peace of Mind Package by clicking here.

We want you to have an awesome experience online — and that means keeping your personal information safe and protected! We hope that spreading awareness and sharing these safety tips helps you stay safe online — and be sure to check out our blog to read more about common online scams to watch out for.

*ProtectIQ is not a replacement for traditional antivirus software, but rather, works together with your antivirus software by ensuring that Internet-connected devices like video cameras, Smart TVs, home automation systems, video doorbells, or any other “smart” devices in your home are monitored for web threats and intrusions. While ProtectIQ adds an extra layer of security to your Wi-Fi network, ProtectIQ is not a substitute for antivirus software, and our team recommends keeping anti-virus software as an add-on to ProtectIQ as it can help clean up any systems that are infected.